Something strange is happening. I patched the CentOS kernel (kernel-2.6.9-42.0.3) with pfring, installed it, and rebooted.
After doing a modprobe ring with the following options... bucket_len=512 num_slots=4096 sample_rate=1 transparent_mode=0 I see this in /var/log/messages kernel: Welcome to PF_RING 3.2.1 kernel: (C) 2004-06 L.Deri <[EMAIL PROTECTED]> kernel: NET: Registered protocol family 27 kernel: PF_RING: bucket length 512 bytes kernel: PF_RING: ring slots 4096 kernel: PF_RING: sample rate 1 [1=no sampling] kernel: PF_RING: capture TX No [RX only] kernel: PF_RING: transparent mode No kernel: PF_RING initialized correctly. kernel: PF_RING: registered /proc/net/pf_ring/ Which is what I expect. However, when I start a version of tcpdump that i know is _NOT_ compiled against libpcap with pfring I am still able to capture packets. I thought when transparent_mode=0 anything not compiled against a libpcap patched with pfring would not capture packets. What could be wrong? Wally _______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
